package com.etool.commons.interceptor;


import java.util.Collections;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts2.ServletActionContext;

import com.etool.commons.utils.AnnontationUtils;
import com.etool.modules.auth.model.AuthMenu;
import com.etool.modules.auth.model.NoRequireAuth;
import com.etool.modules.auth.model.NoRequireLogin;
import com.etool.modules.auth.service.AuthService;
import com.etool.modules.auth.service.AuthWorkerService;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ActionProxy;

import com.opensymphony.xwork2.interceptor.Interceptor;

/**
 * 权限拦截器
 * @author linjia
 *
 */
public class AuthInterceptor implements Interceptor {

	private static final long serialVersionUID = -1997592576433280983L;

	protected static final Log logger = LogFactory.getLog(AuthInterceptor.class);
	
	private AuthWorkerService authWorkerService;
	
	private AuthService authService;

	public String intercept(ActionInvocation invocation) throws Exception {
		final ActionContext context = invocation.getInvocationContext();
		final ActionProxy proxy = invocation.getProxy();
		final Object action = invocation.getAction();
		final HttpServletRequest request = (HttpServletRequest) context.get(ServletActionContext.HTTP_REQUEST);
		final HttpServletResponse response = (HttpServletResponse) context.get(ServletActionContext.HTTP_RESPONSE);
		final HttpSession session=request.getSession();
		
		
		//完整url
		String url=request.getRequestURI();
		if(request.getQueryString()!=null)
		{
			url+="?"+request.getQueryString();
		}
		
		//不需要权限控制
		final NoRequireAuth noRequireAuth=AnnontationUtils.getFromMethedOrType(NoRequireAuth.class, action, proxy.getMethod());
		if(noRequireAuth!=null)
		{
			return invocation.invoke();
		}
		
		//用户权限检查
		int workerId = (Integer)session.getAttribute("workerId");
		
		List<AuthMenu> menus = authService.auths(workerId);
		
		boolean hasAuth=false;
		
		for(AuthMenu menu:menus)
		{
			Pattern pattern = Pattern.compile("^"+menu.getUrl()+".*");
			Matcher matcher = pattern.matcher(url);
			if(matcher.matches())
			{
				hasAuth=true;
			}
		}
		
		if(hasAuth==false)
		{
			return "noAuth";
		}
		
		return invocation.invoke();
	}


	public void destroy() {
	
	}

	public void init() {
		
	}



	public AuthWorkerService getAuthWorkerService() {
		return authWorkerService;
	}



	public void setAuthWorkerService(AuthWorkerService authWorkerService) {
		this.authWorkerService = authWorkerService;
	}



	public AuthService getAuthService() {
		return authService;
	}



	public void setAuthService(AuthService authService) {
		this.authService = authService;
	}

	
}
